Search

Subscribe

Windows for Warships

The Type 45 destroyers now being launched will run Windows for Warships: and that's not all. The attack submarine Torbay has been retrofitted with Microsoft-based command systems, and as time goes by the rest of the British submarine fleet will get the same treatment, including the Vanguard class (V class). The V boats carry the UK's nuclear weapons and are armed with Trident ICBMs, tipped with multiple H-bomb warheads.

And here's a related story about a software bug in the F-22 Raptor stealth fighter. It seems that the computer systems had problems flying West across the International Date Line. No word as to what operating system the computers were running.

The Register item mentions that the operating system being used by the RN is Dimdows 2000. Why are they using something that old? NASA, for instance, has a long tradition of using old technology, but that's because human lives are at stake, and they want to be sure the stuff has been around long enough so most of the bugs have already been found. But that doesn't apply to the military, which is perfectly willing to suffer a certain percentage of losses to its own side ("friendly fire" and the like) in pursuit of its goals.

I was quite surprised when I saw this. I mean, it seems like a perfect fit for SE Linux with a stripped down kernel. Permissions can (and should) be heavily restricted and difficult to change. As the article mentions, set-up and administration complexity is a non-issue...

They point out that it isn't a major problem for the ICBM subs, as the computers are isolated and the weapons require much human intervention to launch.

The missile-defense destoyers, however, have defense weapons which have to be capable of destroying an incoming missile within 30 seconds of detecting it. These weapons are much more dependent on their computers, and the computers are much more networked.

Weren't there all sorts of problems with the F-16 as well when it first came on the scene? Things like flipping inverted when crossing the equator, allowing release of bombs while inverted, raising landing gear while on the runway...

Will Windows for Warships (WFW) shut down like Vista does when it can't contact the Microsoft server to validate the license information?

maybe, you get this msg:

"Sorry, Microsoft(R) Windows for Warships(C) has not been able to validate your license key. All generators, misssle bays, and navigation equipment will be shut down until your genuine license can be confirmed. Please contact the Microsoft(R) License Advocacy Hotline(TM) to re-activate your license."

I saw a History Channel program on the US stealth bomber. A US Air Force commander explained that they were on the "bleeding edge" of technology because the flight crew could send/receive "Microsoft email [sic]".

This makes me sick on so many levels (security, software engineering, terminology, common sense).

I sure hope the F-22 incident is just a rumor. I've been trying, and I can't think of any good reason for any important part of the nav systems to know or care what the local time zone might be. I can just barely see a good reason for them to have a real time clock since they're using GPS. Otherwise, plain old dead simple uptime should be able to do pretty much whatever they need to do.

I would like to think that when they say they are using Win2k, they really mean a highly customised version with as much of the MS protocols and useless fluff ripped out. Even so, no matter how hard they try to make it safe the fact is that neither Windows (or Linux) was originally designed for real time safety critical work. The only OS I know of that was properly desinged for this sort of thing is QNX.

Speaking as a UK citizen, I am a little saddened to read this on Bruce's blog; it should be on the BBC news and we should have some angry members of parliment asking awkward questions.

I have served in the German Navy for a couple of years as an officer aboard a frigate (year of construction: 1977), working in the combat information centre. Old equipment is standard and it gets replaced when it's absolutely necessary AND when budget limits allow replacements. Very often, old equipment from other units is being used as replacement if it's newer than the already in place equipment. The weapon systems I have been working with weren't driven by Windows as the computer equipment was too archaic for running Windows. The targeting systems aboard fast patrol boats (they carry the Exocet MM38 missile which sunk a British frigate in the Falkland war) even run software from tapes! As far as I know the boats are still in service like that.

What I want to point out: old doesn't necessarily mean bad. If it works within the specification and there are no undocumented errors, bugs or the like then you don't replace it if it can do the job. It can do the job when the threat scenario doesn't throw something at you that decreases your chances of survival in an armed conflict. And believe me, there hasn't been much process in the deployment of new and better weapon systems that would make an arms race necessary.

Concerning the use of Windows on naval vessels: during my time of active duty I haven't seen any use of Windows for weapon control systems, communication systems or navigation systems. Workstations that were used to handle administrative stuff were equipped with Windows NT at the time, I guess because the system was officially certified somehow (and others weren't) and at the time alternative platforms were not available with the same properties.

I don't really see any benefit for Microsoft to benefit from this market anyway as it isn't a high volume market, there's not much money to make from license fees by volume. Germany currently has between 8 and 12 capital ships deployed, depending how you define "capital". The time of service these ships have to fullfill is way beyond 20 years in average. Will Microsoft offer support for a system all this time? I doubt it. So even if a specific version of Windows is used it will have to be replaced at sometime, even if this may be a newer version of Windows. Individual licenses will be much much more expensive than any license volume program an ordinary company will have at Microsoft and Microsoft will have to show sourcecode, especially to foreign buyers as they won't trust a US company with their defence stuff. These premises given, any Open Source system can compete at the same terms and quality will become the lever as support and source code access are essential for these kind of projects.

The Swedish military has already decided to ditch Windows by the way and go for GNU/Linux.

If I was still aboard a frigate doing active duty and I had to operate a weapon, communication or navigation system based on Windows I'd certainly be worried about overall security. Especially after having listened to the Metasploit talk at FOSDEM in Brussels this weekend...

There was definitely some sort of SW problem requiring return to base and a multi-day delay for update. The details of the failure aren't mentioned, but I believe this to be a slightly more reliable source than a Slashdot post: http://www.af.mil/news/story.asp?id=123041553

Does anyone have a credible source linking the problem with crossing the IDL?

I would think that Microsoft would know better than to run Windows on the warships that would protect Redmond, WA.

Running Windows -- even the highly fault tolerant Windows NT 4.0 for life safety applications -- is begging to be hacked.

A friend of mine used to be IT on a US Navy warship. He quit and became a civilian techrep somewhere in Central Asia. He claims it's much safer to be shot at by muj than live on a ship whose propulsion is controlled by a Windows box . . .

For some time, Dave Brown has been using the sig quote (hey, does anyone here remember sig quotes?) "[W]ith the Smart Ship's reputation so far, they will have to build a bloody
big trebuchet for the damn thing to be useful as a weapon." Attributed to Derry Hamilton.

Another instance the Ministry Of Defenses inabilty to go shopping without burining up a few billion for something that doesnt work.
They may have choosen windows based software to even things up for the navy, after all the army is currently fighting a desert war with guns that dont work in hot dusty conditions, the air force is flying planes older than the pilots ( with an airbourne radar system based on a chip developed to run traffic lights).

Nobody ever gets fired at the MoD, incompetence seems to be the surest route to promotion.

1: Advanced navigation systems needs to know the time. It’s used to calculate such minor things as tides.

2: I have been working at a ship in the Swedish navy, which used windows based navigation systems for a while. These systems were kept isolated and thought to be secure. That was until a technician came to update the maps and infected the computer with several viruses. It was not popular when this computer had a blue screen of death when we were doing complicated maneuvers. The system was later replaced, as it was not reliable enough.

3: Naval systems tend to go the KISS path. We have physical overrides for most of the electrical systems. Computers, especially modern computers with general purpose OS is just one more think that can break. One of the reasons old computers are used is that they tend to be more reliable in an environment that is damp, salty, warm, cold and has lots of vibration.

4: In general, windows (or Linux) don’t make much sense in a naval environment. Most of the systems are embedded and have specific tasks to solve. There are good and reliable real time OS that can be used. You don’t need to be able to play Doom 3 on your radar.

The civilian navy is a completely different thing. There they try to minimize the crews as much as possible and using windows based systems (“as everybody knows windows��?) makes sense for the monitoring and control software.

Someone mentioned product key validation, but they forgot to do the gag that with Windows Genuine Advantage (or "Windows' Genuine Advantage", or "Windows So-Called "Advantage""), if you add a new deck gun to your warship, Windows will think it has been re-installed on a different ship, and shut down.

Call me naive, but does it bother anybody else that Microsoft is suddenly a Defense Contractor? Okay, okay, they've probably been a defense contractor forever and I just wasn't aware of it. I'm used to thinking of Microsoft as an 800 lb. technobusiness gorilla, but a business entity.

But ruining^H^H^H^H^Hnning U.S. industry isn't enough for Microsoft: now the Microsoft monopoly also controls our military? I'm sorry, but this is giving me a military-industrial complex!

So... are we selling Microsoft-enabled military equipment to other nations? Will our troops go into battle against an enemy that has decompiled their operating software and developed lethal DOS attacks? And does anyone care that Bill Gates potentially owns and runs EVERYTHING, including armies?

This isn't all that new - the US Navy runs Windows on the control systems for some of their warships - imagine my surprise at seeing a bunch of consoles with the NT 4.0 logo when I was on a tour! I spoke with one of the chiefs there, who told me the systems are NEVER connected to the Internet.

It also makes sense, as if I recall MSFT licensed NT 4.0 source code to third parties to allow them to build in support for specialized hardware - which may explain why 4.0 is still popular among the Process Control Network crowd...

That was a shocker. I thought the Navy was sticking with an open architecture computing environment. I guess you never know.

Quoting from a report by the Committee on Armed Services of the U.S. House of Representatives, dated May 14, 2004...

The Aegis combat system engineering program includes the development of upgrades for cruiser and destroyer Aegis combat systems and the integration of new equipment and systems to keep pace with the threat and capture advances in technology. The committee notes that experiences aboard Aegis-equipped ships and shore sites have shown that the use of currently available commercial- off-the-shelf equipment requires periodic refreshment and additional development effort as new technologies become available and computer operating systems, device drivers, and interfaces are updated.

To overcome these problems, the Navy is developing an open architecture computing environment for Aegis-equipped cruisers and destroyers as a part of the Navy's overall open architecture program. The goal of the program is to evolve combat systems into a "system of systems" that resides on a common computing environment which will be less complex, more easily upgraded, and have lower total ownership costs.

"IBM and Raytheon announced today the Navy will begin deploying one of its most extensive uses of IBM technology to accelerate the development of weapon systems and help reduce the number of crew members needed to sail the next generation of Navy Destroyers.

Addressing the Navy's need for a cost effective open architecture computing infrastructure, IBM and Raytheon are significantly reducing the complexity of the ship's computing environment and maintenance costs as compared to other ship classes, while providing the processing capabilities to address current and future threats.

In addition, IBM and Raytheon are deploying the most advanced computing environment and standards-based infrastructure software so the systems can perform at never before seen processing rates with high levels of reliability.

Under the contract, IBM will provide BladeCenter servers and WebSphere software technology running on custom Real-Time Linux."
(Submitted by Kathleen Keating of IBM)
Quoted from http://linuxpr.com/releases/9422.html

IBM and Raytheon are significantly reducing the complexity of the ship's computing environment and maintenance costs as compared to other ship classes. In other words not using Windows, which just keeps growing in complexity and cost. Simple is best just so it works.

Here's the site. I don't know if there is a Microsoft Navy site.
This is an Official U.S. Navy Web Site for NSWCDD, Dahlgren Laboratory, Dahlgren Va.
Approved for Public Release; Distribution is Unlimited.
Last Modified: Mar 2005 http://www.nswc.navy.mil/wwwDL/B/OACE/

I'm in a similar field: To our consternation, vendors are going with Windows based on their ability to hire folks fresh out of college (or wherever) for development and support. It's not like we have dozens of vendors from which to choose, and they are all basing their products on Windows.

@Albatross: "Call me naive, but does it bother anybody else that Microsoft is suddenly a Defense Contractor? Okay, okay, they've probably been a defense contractor forever and I just wasn't aware of it."

Don't you remember all the noise about NT's "POSIX Layer", many years ago? That (now-deprecated) mis-functionality was specifically put there so Windows could (with assistance from a lawsuit) meet the defense-department requirements for "open" operating systems.

When it is all said and done, it will come down to reliability. Unfortunately much of that is determined by complexity.

Reduce complexity and reliability goes up.

The lock-in motive is better fulfilled with interdependencies. Translation: complexity. Sure, it makes sense WfW would be a stripped down version, but keep in mind why today's software takes so long to release. Complexity. Don't need all that functionality? Remove it. Good Luck. Don't remove and you have more opportunities for failure. Remove incorrectly and you have more opportunities for failure. Rock and a hard place? (For the same reason it is hard for Microsoft to bolt in all those "features", it is equally hard for you to be sure you remove all the right hooks, and *only* the right hooks.)

So why not start with a good foundation?

And don't get me started with the argument "That's what the kids know". That line of reasoning is............

Consider the plans to control the spider's world with "low quality business software"...
I sort of did that this morning. The spider, it appears, does not care about standardization. it makes it up as it goes along. It's a good deal for humans, since it traps and kills the other bugs. It does all this with no toxic chemicals. The Iraqi army clowns dumped 168 million gallons of oil into the Persian Gulf following the first defeat. They didn't clean it up. The U.S. Army and Navy engineers dealt with the mess.

I believe they were running proprietary server software. I could be wrong.
The site says, "US Airways' web servers also use web beacon and other technologies to better understand what promotions are of interest to you. These technologies may be used on a number of pages on the website and allow us to tailor the content that we present to you online and in e-mails. Web beacons usually work in conjunction with cookies."

They are automating the system and people can't even verify who is supposed to be on what aircraft, so everything shuts down. The airlines should just install ATM's, which never go down. At least then they could give you a refund so you could catch a working jet.

The press likes a good story, and most people probably couldn't even tell you what an operating system is. Think of the fun when someone points out that Windows 2K runs on the Airbus 380. ("No wonder it's so buggy!" Um, no, that's not why.)

"It's shaping up to be one of the costliest blunders in the history of commercial aerospace. Airbus' parent, European Aeronautic Defence & Space, expects to take a $6.1 billion profit hit over the next four years."

"The root cause of the problem is that the 3D digital mockup, which facilitates the design of the electrical harnesses' installation, was implemented late and that the people working on it were in their learning curve."

The F-16 was similarily plagued at first. "Can you raise wheels at zero alt and zero speed?" Yes. But you have to replace the gear bay doors. "Can you drop bombs in the inverted flight position?" Yes. But it dents the wings.

Some years back AW&ST ran a piece with puffs quotes from Airbus on how they were thinking about putting a Windows computer in the cockpit instrument panel...with chicklet keys and a trackball.
After I hoisted my jaw back, I wrote a letter to the editor, which they published, in which I pointed out that:
1) Trying to do anything with such a computer while descending through cumulonimbus was ludicrous...you'd need a Fischer-Price interface with 2" square keys to even hit a key, much less the right one...and a trackball? LOLROTF
2) Only the French could imagine that they could violate Murphy's Law like that.
3) They may say they were only going to use it for non-critical apps, but.......